<?php
include_once('../../includes/metodos.php');

function insert(){
	connectSql();
	$titulo = anti_injection($_POST['titulo']);
	$conteudo = anti_injection($_POST['conteudo']);
	$status = anti_injection($_POST['status']);
	if(!empty($_POST['colunista'])){
		$id_user = anti_injection($_POST['colunista']);
	}else{
		$id_user = anti_injection($_SESSION['id']);
	}
	$tags = anti_injection($_POST['tags']);
	
	connectSql();
	$query = mysql_query("INSERT INTO econ_colunista VALUES (null, '$id_user', '$status', '$titulo', '$conteudo', NOW(), NOW(), '$tags')");
	if($query){
		echo '<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">location.href="index.php";</SCRIPT>';
	}else{
		die(mysql_error());
	}
}

function remove($id){
	connectSql();
	$query = mysql_query("DELETE FROM econ_colunista WHERE id=".anti_injection($id));
	echo '<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
									alert ("Coluna removido com sucesso!");
									location.href="index.php";
							  </SCRIPT>';
}

function edit($id){
	$titulo = anti_injection($_POST['titulo']);
	$conteudo = anti_injection($_POST['conteudo']);
	$status = anti_injection($_POST['status']);
	$tags = anti_injection($_POST['tags']);
	if(!empty($_POST['colunista'])){
		$id_user = anti_injection($_POST['colunista']);
	}else{
		$id_user = anti_injection($_SESSION['id']);
	}
	
	connectSql();
	$query = mysql_query("UPDATE econ_colunista SET titulo='$titulo', usuario_id='$id_user', conteudo='$conteudo', status='$status', editado=NOW(), tags='$tags' WHERE id=".anti_injection($id));
	if($query){
		echo '<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">location.href="index.php";</SCRIPT>';
	}
}